Overview

overview

10

Static

static

5

712cca0266...0N.exe

windows7-x64

10

712cca0266...0N.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    712cca0266f6df28c36daf14c9c341c0N.exe

  • Size

    904KB

  • Sample

    240722-g6xtsasgmk

  • MD5

    712cca0266f6df28c36daf14c9c341c0

  • SHA1

    27a5d94edd107dfccc50722c688a81f7ef4832cb

  • SHA256

    a649d9ba841273522f37123d052f20926627980b7332e27f846db3f79854e98d

  • SHA512

    ee8ddfa8ed8ab6bc9f4359e913d0921a12a36f258780bb55ef7c2f5c1b59316410e9edb3f2eb876b1f2cc332808f4e3da3a58af1d1de744210cf4c09afbc41bc

  • SSDEEP

    24576:ZAHnh+eWsN3skA4RV1Hom2KXMmHaKZa5m:gh+ZkldoPK8YaKGm

Score
10/10
revengeratmarzo26trojan

Malware Config

Extracted

Family

revengerat

Botnet

Marzo26

C2

marzorevenger.duckdns.org:4230

Mutex

RV_MUTEX-PiGGjjtnxDpn

Targets

    • Target

      712cca0266f6df28c36daf14c9c341c0N.exe

    • Size

      904KB

    • MD5

      712cca0266f6df28c36daf14c9c341c0

    • SHA1

      27a5d94edd107dfccc50722c688a81f7ef4832cb

    • SHA256

      a649d9ba841273522f37123d052f20926627980b7332e27f846db3f79854e98d

    • SHA512

      ee8ddfa8ed8ab6bc9f4359e913d0921a12a36f258780bb55ef7c2f5c1b59316410e9edb3f2eb876b1f2cc332808f4e3da3a58af1d1de744210cf4c09afbc41bc

    • SSDEEP

      24576:ZAHnh+eWsN3skA4RV1Hom2KXMmHaKZa5m:gh+ZkldoPK8YaKGm

    Score
    10/10
    revengeratmarzo26trojan

    • RevengeRAT

      Remote-access trojan with a wide range of capabilities.

      trojanrevengerat

    • Drops startup file

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks